$ rpki-client -vvf rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft File: Q2XRedW3PoqX7eBQXynvAMLWPvk.mft (raw, json) Hash identifier: EfNYnDfvqPh9Rz/tej6qV0HnpTK6I7yD+jXOHlVCUo8= Subject key identifier: 3C:38:0D:AA:25:85:DC:45:57:E8:2E:56:86:19:FF:2D:60:2D:FC:D0 Authority key identifier: 43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 Certificate issuer: /CN=A9139555/serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Certificate serial: 0298 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft Manifest number: 0291 Signing time: Tue 13 May 2025 01:22:50 +0000 Manifest this update: Tue 13 May 2025 01:22:49 +0000 Manifest next update: Tue 20 May 2025 01:22:49 +0000 Files and hashes: 1: Q2XRedW3PoqX7eBQXynvAMLWPvk.crl (hash: cdcW33VYxZLjgX98XFPcSzw140KDB2HOEBIpCACX72E=) 2: 3522CF4E168811EF8040817EC4F9AE02.roa (hash: bEx+57BQwSmXNBcGQeSfgjX5vb+zZEaNP/mDVmKg8PE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:22:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 664 (0x298) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9139555, serialNumber=4365D179D5B73E8A97EDE0505F29EF00C2D63EF9 Validity Not Before: May 13 01:22:49 2025 GMT Not After : May 20 01:22:49 2025 GMT Subject: CN=68229ee9-b816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:f3:64:ef:4c:8c:85:f1:ba:88:55:fe:fe:e6: ce:ca:65:c7:e0:f6:94:24:9e:c3:3b:fe:27:f9:1e: e0:a7:42:91:88:51:77:67:f5:ed:45:0e:9d:82:8a: 56:1a:2c:c6:7a:59:6b:ba:2d:6b:b1:43:5b:ad:2a: 1f:e1:ce:40:56:88:f7:57:52:82:12:2c:7e:ef:b2: c5:be:55:88:c3:09:ab:c6:2a:7a:e7:ec:ea:79:ea: 02:b5:6b:a1:7a:15:7b:e1:09:31:f3:ed:af:6b:b8: 32:03:e6:98:94:6b:02:42:a0:fe:ea:f0:ee:14:2a: d6:a6:30:b1:e6:f7:ae:a3:0d:f9:df:58:a1:62:91: ec:b8:ed:8f:b9:1e:80:c3:34:16:3c:d6:47:a4:ff: ae:0a:74:56:45:f9:11:c1:36:c5:e4:9a:7f:f8:26: 79:8f:a6:eb:e0:9e:38:76:b0:82:f3:79:64:b1:b8: 0b:3d:99:6f:28:8a:9c:17:a2:c7:39:8c:cb:ba:31: b2:7a:bf:fa:34:ae:63:a9:4f:9c:ad:16:84:0c:97: 2a:18:7d:cc:de:6e:1a:e7:1c:34:8a:8d:a3:80:4a: e1:3f:15:cd:6a:50:4b:d5:af:9e:87:97:d5:48:ad: 1a:04:d6:08:db:5a:ac:fe:7c:f6:4d:03:ce:fd:4e: 9f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:38:0D:AA:25:85:DC:45:57:E8:2E:56:86:19:FF:2D:60:2D:FC:D0 X509v3 Authority Key Identifier: keyid:43:65:D1:79:D5:B7:3E:8A:97:ED:E0:50:5F:29:EF:00:C2:D6:3E:F9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q2XRedW3PoqX7eBQXynvAMLWPvk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139555/DC7D145A022D11ED9D646B57C4F9AE02/Q2XRedW3PoqX7eBQXynvAMLWPvk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:f1:28:d6:38:51:1b:2a:f2:c3:0d:84:fa:78:ce:0d:73:35: e1:5f:0c:94:20:22:ac:07:5c:fe:44:73:ea:dc:9d:8c:81:6f: 57:70:be:7a:04:cf:cc:1d:9e:86:fd:9d:c1:35:01:e5:4b:f5: bb:af:8f:76:b1:c2:26:32:14:32:c6:d7:37:22:ad:40:fa:91: 5f:d1:f3:75:30:5f:d7:74:91:de:21:dd:18:21:ef:08:2c:29: 65:f4:03:dc:6e:3c:f0:ea:82:af:50:9e:ae:e1:6d:08:53:4d: 2d:9c:04:4f:fc:ca:64:e9:72:7a:9d:92:70:38:79:c3:4f:e5: 15:37:2f:9c:87:c1:2a:1d:43:13:86:d7:4e:8d:d6:81:df:48: f2:97:0d:cd:38:7a:6c:16:cd:e4:aa:26:72:ea:46:19:3e:f8: 9c:09:3d:e4:b9:f7:a1:56:71:55:a3:33:4f:68:b8:87:28:0b: 6f:bf:08:14:a3:bb:ce:94:65:4e:3e:0d:00:73:de:54:1a:4a: c8:81:0d:5c:b9:37:f3:b3:42:1c:c7:ea:cf:c0:c1:b5:df:81: c6:71:9c:f8:2c:e4:42:b6:ee:88:05:ab:7b:e5:ff:01:b8:7b: d6:ce:3a:ce:f8:18:44:43:30:0a:f8:4c:cc:76:c9:f3:bb:bf: ea:fb:6c:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk1NTUxMTAvBgNVBAUTKDQzNjVEMTc5RDVCNzNFOEE5N0VERTA1MDVGMjlFRjAw QzJENjNFRjkwHhcNMjUwNTEzMDEyMjQ5WhcNMjUwNTIwMDEyMjQ5WjAYMRYwFAYD VQQDEw02ODIyOWVlOS1iODE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzfNk70yMhfG6iFX+/ubOymXH4PaUJJ7DO/4n+R7gp0KRiFF3Z/XtRQ6dgopW GizGellrui1rsUNbrSof4c5AVoj3V1KCEix+77LFvlWIwwmrxip65+zqeeoCtWuh ehV74Qkx8+2va7gyA+aYlGsCQqD+6vDuFCrWpjCx5veuow3531ihYpHsuO2PuR6A wzQWPNZHpP+uCnRWRfkRwTbF5Jp/+CZ5j6br4J44drCC83lksbgLPZlvKIqcF6LH OYzLujGyer/6NK5jqU+crRaEDJcqGH3M3m4a5xw0io2jgErhPxXNalBL1a+eh5fV SK0aBNYI21qs/nz2TQPO/U6f4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDw4Daol hdxFV+guVoYZ/y1gLfzQMB8GA1UdIwQYMBaAFENl0XnVtz6Kl+3gUF8p7wDC1j75 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTU1NS9EQzdEMTQ1QTAy MkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1BvcVg3ZUJRWHludkFNTFdQ dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1EyWFJlZFczUG9xWDdlQlFYeW52QU1MV1B2ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTU1NS9EQzdEMTQ1QTAyMkQxMUVEOUQ2NDZCNTdDNEY5QUUwMi9RMlhSZWRXM1Bv cVg3ZUJRWHludkFNTFdQdmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAV8SjWOFEbKvLDDYT6eM4NczXhXwyUICKsB1z+RHPq3J2MgW9XcL56 BM/MHZ6G/Z3BNQHlS/W7r492scImMhQyxtc3Iq1A+pFf0fN1MF/XdJHeId0YIe8I LCll9APcbjzw6oKvUJ6u4W0IU00tnARP/Mpk6XJ6nZJwOHnDT+UVNy+ch8EqHUMT htdOjdaB30jylw3NOHpsFs3kqiZy6kYZPvicCT3kufehVnFVozNPaLiHKAtvvwgU o7vOlGVOPg0Ac95UGkrIgQ1cuTfzs0Icx+rPwMG134HGcZz4LORCtu6IBat75f8B uHvWzjrO+BhEQzAK+EzMdsnzu7/q+2yL -----END CERTIFICATE-----Generated at Tue May 13 19:56:46 2025 by rpki-client